I'd like to know if there is any change to this question I already asked here when I was using OpenBSD 4.9.
Since then I moved to FreeBSD, but OpenBSD 5.1 is about to be released, and I liked the simple way of doing things in OpenBSD.

If I use the stable branch, is there a way to know which packages on my system have a security flaw, and what is the right way to update them then?

In the FAQ it is said to read the ports-changes list, which is not handy at all.
(ports-security list is dead and not mentioned anymore)

I would continue to use out-of-date. Since you last used OpenBSD, there have been some enhancements that may be of interest:

You will find pkg_delete(8) now has an "-a" option to delete any unneeded build dependencies:

Code:

     -a      Delete unused dependencies (packages that are not needed
             by anything tagged as installed manually). Can be used
             without pkgnames. If used with pkgnames, it will only
             delete non manual installs in the list.

The distributed ports builder, dpb(1), has been around as a semi-private tool for some years but has now reached the maturity point where it has been discussed publicly on misc@ and has its own small section in the FAQ (15.3.9). I mention it because it can use a more simply edited pathlist from your out-of-date run to complete your ports building. You will find the executable in /usr/ports/infrastructure/bin, and its man page in /usr/ports/infrastructure/man. The mandoc(1) program can be used with the latter and your favorite $PAGER.

Last edited by jggimi; 10th April 2012 at 01:00 PM.
Reason: typos and clarity